AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/waf-data-protection-and-logging.md

Summary

Updated terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' throughout document. Changed references to clarify web ACLs are part of protection packs.

Security assessment

Changes appear to be terminology standardization rather than addressing security vulnerabilities. No evidence of patching vulnerabilities or changing security controls. Updates focus on clarifying relationship between protection packs and web ACLs in logging/data protection contexts.

Diff

diff --git a/waf/latest/developerguide/waf-data-protection-and-logging.md b/waf/latest/developerguide/waf-data-protection-and-logging.md
index 165f0eb40..da11b6b9f 100644
--- a//waf/latest/developerguide/waf-data-protection-and-logging.md
+++ b//waf/latest/developerguide/waf-data-protection-and-logging.md
@@ -9 +9 @@ You can now use the updated experience to access AWS WAF functionality anywhere
-# Data protection and logging for AWS WAF protection pack or web ACL traffic
+# Data protection and logging for AWS WAF protection pack (web ACL) traffic
@@ -13 +13 @@ This section explains the data logging, collection, and protection options that
-  * **Logging** – You can configure your protection pack or web ACL to send logs for web request traffic to a logging destination of your choice. You can configure field redaction and filtering for this choice. Logging uses the data that's available after any data protection setting are applied. 
+  * **Logging** – You can configure your protection pack (web ACL) to send logs for web request traffic to a logging destination of your choice. You can configure field redaction and filtering for this choice. Logging uses the data that's available after any data protection setting are applied. 
@@ -15 +15 @@ This section explains the data logging, collection, and protection options that
-For information about this option, see [Logging AWS WAF protection pack or web ACL traffic](./logging.html). 
+For information about this option, see [Logging AWS WAF protection pack (web ACL) traffic](./logging.html). 
@@ -17 +17 @@ For information about this option, see [Logging AWS WAF protection pack or web A
-  * **Request sampling** – You can configure your protection pack or web ACL to sample the web requests that it evaluates, to get an idea of the type of traffic that your application is receiving. Request sampling uses the data that's available after any data protection settings are applied. 
+  * **Request sampling** – You can configure your protection pack (web ACL) to sample the web requests that it evaluates, to get an idea of the type of traffic that your application is receiving. Request sampling uses the data that's available after any data protection settings are applied. 
@@ -21 +21 @@ For information about this option, see [Viewing a sample of web requests](./web-
-  * **Amazon Security Lake** – You can configure Security Lake to collect protection pack or web ACL data. Security Lake collects log and event data from various AWS sources for normalization, analysis, and management. Security Lake collects from the data that's available after any data protection settings are applied. 
+  * **Amazon Security Lake** – You can configure Security Lake to collect protection pack (web ACL) data. Security Lake collects log and event data from various AWS sources for normalization, analysis, and management. Security Lake collects from the data that's available after any data protection settings are applied. 
@@ -29 +29 @@ AWS WAF doesn't charge you for using this option. For pricing information, see [
-    * **Data protection for the protection pack or web ACL** – You can configure data protection for each protection pack or web ACL, which enables you to substitute certain web traffic data with static strings or cryptographic hashing. Data protection at this level can be configured centrally, and applies across all logging and data collection options.
+    * **Data protection for the protection pack (web ACL)** – You can configure data protection for each protection pack (web ACL), which enables you to substitute certain web traffic data with static strings or cryptographic hashing. Data protection at this level can be configured centrally, and applies across all logging and data collection options.
@@ -40 +40 @@ For information about this option, see [Data protection](./data-protection-maski
-  * [Logging AWS WAF protection pack or web ACL traffic](./logging.html)
+  * [Logging AWS WAF protection pack (web ACL) traffic](./logging.html)